/// <summary>
        /// Checks whether an employee holds the permission described by a permission record.
        /// </summary>
        /// <param name="permission">Permission record</param>
        /// <param name="employee">Employee</param>
        /// <returns>true - authorized; otherwise, false</returns>
        public virtual bool Authorize(PermissionRecord permission, Employee employee)
        {
            // A missing permission or employee is denied, not treated as an error.
            if (permission == null || employee == null)
            {
                return false;
            }

            // The decision itself is made by the system-name overload.
            return Authorize(permission.SystemName, employee);
        }
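        /// <summary>
        /// Resolves the employee behind the current forms-authenticated request.
        /// </summary>
        /// <returns>
        /// The active employee whose id is carried in the authentication identity name;
        /// null when the request is not forms-authenticated, the identity name is not a
        /// valid integer id, or no active employee is found for that id.
        /// </returns>
        public Employee GetAuthenticatedEmployee()
        {
            // NOTE(review): this cache is only safe if the service instance is scoped to a
            // single request; on a shared instance it would hand one employee to every
            // caller - confirm the registration lifetime.
            if (_cachedEmployee != null)
                return _cachedEmployee;

            if (_httpContext == null ||
                _httpContext.Request == null ||
                !_httpContext.Request.IsAuthenticated ||
                !(_httpContext.User.Identity is FormsIdentity))
            {
                return null;
            }

            // The identity name is expected to hold the employee id. Convert.ToInt32 throws
            // on a non-numeric name and maps a null name to 0, so parse defensively and
            // treat an unexpected name as "not authenticated" instead of failing the request.
            int employeeId;
            if (!int.TryParse(_httpContext.User.Identity.Name, out employeeId))
                return null;

            var employee = _employeeService.GetById(employeeId);

            // An inactive employee is neither cached nor returned, even with a valid cookie.
            if (employee != null && employee.Active)
                _cachedEmployee = employee;
            return _cachedEmployee;
        }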
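        /// <summary>
        /// Checks whether any active role of the employee grants the named permission.
        /// </summary>
        /// <param name="permissionRecordSystemName">Permission record system name</param>
        /// <param name="employee">Employee</param>
        /// <returns>true - authorized; otherwise, false</returns>
        public virtual bool Authorize(string permissionRecordSystemName, Employee employee)
        {
            if (String.IsNullOrEmpty(permissionRecordSystemName))
                return false;

            // Deny by default: this overload is public and can be called without the null
            // check done by the PermissionRecord overload, so a missing employee must yield
            // "not authorized" rather than a NullReferenceException.
            if (employee == null)
                return false;

            // NOTE(review): employee.Active is not checked here; callers are presumably
            // expected to pass an employee that was already validated - confirm.
            var activeRoles = employee.EmployeeRoles.Where(role => role.Active);
            foreach (var role in activeRoles)
            {
                // One granting role is enough.
                if (Authorize(permissionRecordSystemName, role))
                    return true;
            }

            // No active role grants the permission.
            return false;
        }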
        /// <summary>
        /// Returns the employee for the current request, resolving and caching it on first use.
        /// </summary>
        /// <returns>
        /// The cached or newly resolved active employee; null when the request is not
        /// authenticated or no active employee could be resolved.
        /// </returns>
        protected Employee GetCurrentEmployee()
        {
            if (_cachedEmployee != null)
            {
                return _cachedEmployee;
            }

            if (!IsAuthenticated)
            {
                return null;
            }

            // Without an HTTP context the authentication service is not consulted.
            Employee resolved = _httpContext != null
                ? _authenticationService.GetAuthenticatedEmployee()
                : null;

            // Only an existing, active employee is accepted; otherwise the (still empty)
            // cache value is returned.
            if (resolved == null || !resolved.Active)
            {
                return _cachedEmployee;
            }

            // Persist the last-activity timestamp at most once per minute.
            var refreshDueAt = resolved.LastActivityDateUtc.AddMinutes(1.0);
            if (refreshDueAt < DateTime.UtcNow)
            {
                resolved.LastActivityDateUtc = DateTime.UtcNow;
                _employeeService.Update(resolved);
            }

            _cachedEmployee = resolved;
            return _cachedEmployee;
        }
 /// <summary>
 /// Signs the employee in by issuing a forms-authentication cookie.
 /// </summary>
 /// <param name="employee">Employee to sign in; the employee id becomes the identity name in the ticket</param>
 /// <param name="persistentCookie">true to issue a cookie that is kept across browser sessions</param>
 public void Login(Employee employee, bool persistentCookie)
 {
     // The numeric id, not an e-mail or display name, is stored as the identity name.
     // NOTE(review): cookie protection (e.g. requireSSL, timeout) comes from the forms
     // authentication configuration, which is not visible here - confirm it is hardened.
     var identityName = employee.Id.ToString();
     FormsAuthentication.SetAuthCookie(identityName, persistentCookie);
 }